[Git][security-tracker-team/security-tracker][master] 2 commits: Triage CVE-2021-38155 in keystone for stretch LTS.

Chris Lamb (@lamby) lamby at debian.org
Sun Aug 8 10:09:42 BST 2021 


Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker


Commits:
529cc3bb by Chris Lamb at 2021-08-08T10:07:48+01:00
Triage CVE-2021-38155 in keystone for stretch LTS.

- - - - -
e9469fe3 by Chris Lamb at 2021-08-08T10:09:08+01:00
Triage CVE-2021-3639 in libapache2-mod-auth-mellon for stretch LTS.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -162,6 +162,7 @@ CVE-2021-38156
 	RESERVED
 CVE-2021-38155 (OpenStack Keystone 10.x through 16.x before 16.0.2, 17.x before 17.0.1 ...)
 	- keystone <unfixed>
+	[stretch] - keystone <end-of-life> (Keystone not supported in stretch)
 	NOTE: https://launchpad.net/bugs/1688137
 CVE-2021-38165 (Lynx through 2.8.9 mishandles the userinfo subcomponent of a URI, whic ...)
 	[experimental] - lynx 2.9.0dev.9-1
@@ -4110,6 +4111,7 @@ CVE-2021-3639 [Prevent redirect to URLs that begin with '///']
 	- libapache2-mod-auth-mellon <unfixed> (bug #991730)
 	[bullseye] - libapache2-mod-auth-mellon <no-dsa> (Minor issue)
 	[buster] - libapache2-mod-auth-mellon <no-dsa> (Minor issue)
+	[stretch] - libapache2-mod-auth-mellon <no-dsa> (Minor issue)
 	NOTE: https://github.com/latchset/mod_auth_mellon/commit/42a11261b9dad2e48d70bdff7c53dd57a12db6f5
 CVE-2021-36350
 	RESERVED



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/4cc27738845d525162def9234c84a355c97adf20...e9469fe35c24f4a97e08ffabf13d570d1027aa0f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/4cc27738845d525162def9234c84a355c97adf20...e9469fe35c24f4a97e08ffabf13d570d1027aa0f
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210808/87f25b86/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list